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-admin_change_password: 
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user.read.write 
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others: 
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• program2: 

user:read,execute 
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user:read,execute 
group:read,execute 
others:read, execute 
-SID10:SetSID 100 
-group:security:SetSID 200 
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-group:disks:SetSID 400 
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628 ^SID200:SetSID 210 

-printer_admin: 

ertn ^SID300:SetSID310 
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-disk_admin: 

632 ^SID400:SetSID 410 

- create_directory: 
coo ^SID21 0:allow:execute 
°^_^SID310:allow:execute 

-create_device: 
R4? y SID31 0'allow:execute 
g^^SID410:allow:execute 



900- 



906- 



-/home 

user:read,write,create,delete 
group:read,write,search 

Qno others:read,search 

onl ^SID230.delete 

yu4 ^SID210:create 

-/user/spool/batch 

user:read,write,create,delete 
group :read,write,search 
others: read.search 

Qn o ^-SID51 0.read.search 

^°^SID520:delete 

^2^510521 .delete 



FIG. 9 



FIG. 6 



AUS920030616US1 
Basibes et al. 
Method and Apparatus tor Providing Process-Based 
Access Controls on Computer Resources 

5/5 



706- 



admin tool 



group:security:SetSID 200 
group:printers:SetSID 300 
group:disks:SetSID 400 



708 

A. 



user admin 



702 



SID200:SetSID210 



printer_admin 



SID300:SetSID 310 



704 
_Z_ 



disk admin 



SID400:SetSID 410 



71 (K 



createjlirectory 



SID210:allow:execute 
SID310:allow:execute 



I 



create device 



SID310:allow:execute 
SID410:allow:execute 



FIG. 7 



-700 



806- 



812 



create user 



SID200:SetSID210 



I 



delete home 



SID220:SetSID 230 



810 



81 4^ 

FIG. 8 



admin tool 



group:security.SetSID 200 
group:printers:SetSID 300 
group:batch:SetSID 500 



804 



delete user 



SID200:SetSID 220 



delete batch 



SID220:SetSID 521 
SID510:SetSID 520 



delete mail 



SID220:allow:execute 
SID220:SetSID 221 



800- 





808 

/ 


manage_batch 


SID500:SetSIC 


) 510 



-802 



stop_batch_job 



SID510:allow:execute 
SID520:allow:execute 
SID521:allow:execute 



